package com.example.tools.security.expression;

import com.example.mallcommon.constant.AuthConstant;
import org.springframework.security.access.expression.SecurityExpressionRoot;
import org.springframework.security.access.expression.method.MethodSecurityExpressionOperations;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.util.AntPathMatcher;

import java.util.Collection;

/**
 * Description: 自定义方法拦截处理器
 *
 * @author Yang
 * create time 2021-08-23 22:22
 * @since 0.0.1
 */
public class MallMethodSecurityExpressionRoot extends SecurityExpressionRoot implements MethodSecurityExpressionOperations {

    private static final AntPathMatcher antPathMatcher = new AntPathMatcher();

    public MallMethodSecurityExpressionRoot(Authentication authentication) {
        super(authentication);
    }

    private Object filterObject;
    private Object returnObject;


    //  已经参考了 http://javadaily.cn/articles/2020/08/07/1596772909329.html这里代码可以扩展思考
    // /**
    //  * https://github.com/kutay-celebi/kuartz-core
    //  * User yetkisi ile checkYetkiye verilen yetkiler kiyaslanir. Eger methot'a verilen yetki kullanicidaki yetki ile basliyorsa true
    //  * doner.
    //  * <p/>
    //  * <p/>
    //  * <code>
    //  * Orn:
    //  * <p/>
    //  * Methot yetkisi = a_b_c_d
    //  * <p/>
    //  * Kullanici Yetkisi = a_b
    //  * <p>
    //  * <p/>
    //  * kullanici yetkilendirilir.
    //  *
    //  * </code>
    //  *
    //  * @param privileges {@link String}
    //  * @return boolean
    //  */
    // public boolean checkYetki(String... privileges) {
    //     KuartzPrincipalModel principal = (KuartzPrincipalModel) authentication.getPrincipal();
    //     final Collection<KuartzPrincipalYetki> yetkiList = principal.getYetkiList();
    //
    //     if (yetkiList == null) {
    //         return false;
    //     }
    //
    //     for (KuartzPrincipalYetki userAuth : yetkiList) {
    //         for (String privilege : privileges) {
    //             if (privilege.startsWith(userAuth.getKod())) {
    //                 return true;
    //             }
    //         }
    //     }
    //     return false;
    // }
    //
    // // todo javadoc.
    // public boolean checkRol(String... roles) {
    //     KuartzPrincipalModel principal = (KuartzPrincipalModel) authentication.getPrincipal();
    //     Collection<KuartzPrincipalRol> userRoles = principal.getRolList();
    //
    //     for (KuartzPrincipalRol userRole : userRoles) {
    //         for (String role : roles) {
    //             if (role.equals(userRole.getKod())) {
    //                 return true;
    //             }
    //         }
    //     }
    //
    //     return false;
    // }

    public boolean hasPrivilege(String permission){
        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
        return authorities.stream()
                .map(GrantedAuthority::getAuthority)
                .filter(item -> !item.startsWith(AuthConstant.AUTHORITY_PREFIX))
                .anyMatch(x -> antPathMatcher.match(x, permission));
    }

    @Override
    public void setFilterObject(Object o) {
        this.filterObject = o;
    }

    @Override
    public Object getFilterObject() {
        return this.filterObject;
    }

    @Override
    public void setReturnObject(Object o) {
        this.returnObject = o;
    }

    @Override
    public Object getReturnObject() {
        return this.returnObject;
    }

    @Override
    public Object getThis() {
        return null;
    }
}
